Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

RSA_padding_check_PKCS1_type_1

2,187 views
Skip to first unread message

k b

unread,
Sep 24, 2006, 12:59:24 PM9/24/06
to
Hi ,
Sorry my bad again to post this on openssl-dev.

I'm running into this error

1823:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type
is
not 01:rsa_pk1.c:100:
1823:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check
failed:rsa_eay.c:632:

just to quickly give a background i'm trying to verify a signature and
that's
when i run into the above error.
code snippet that calls openssl is shown below.

so this verify_sign works if i use my own cert (generated by openssl ) and a
signature but when i use this
to consume someone else i run into the above mentioned error.

From what it looks it seems that the signature isn't computed right or
padded
right.
Is that what this error means ?
Second is this verify_sign function correct. or am i missing something or
not
considering some corner case.
Any pointers would be appreciated. As i'm out of ideas.
.
int verify_sign(X509 *pSignerCert, unsigned int *pSignature, size_t
pSignatureSize,
unsigned int *pPlainData, size_t pPlainDataSize)
{
int returnStatus;

EVP_MD_CTX md_ctx;
EVP_PKEY *pubKey = NULL;

if (!pSignerCert) {
printf("x509 is NULL\n");
return -10;
}

pubKey = X509_get_pubkey(pSignerCert);

if (!pubKey) {
printf("Signature successfully verified.\n");
}

EVP_MD_CTX_init(&md_ctx);

EVP_VerifyInit(&md_ctx, EVP_sha1());
int update = EVP_VerifyUpdate(&md_ctx, pPlainData, pPlainDataSize);

//int size = RSA_size(pubKey->pkey.ptr);
printf("returnStatus %d size \n", update);

returnStatus = EVP_VerifyFinal(&md_ctx, (const unsigned char *)
pSignature,
pSignatureSize, pubKey);

ERR_print_errors_fp(stdout);

if (returnStatus == 1) {
printf("Signature successfully verified.\n");
returnStatus = 0;
}
else if (returnStatus <= 0) {
char *str = (returnStatus == 0) ? "Incorrect" : "Error verifying";
printf("verify_sign: '%s' signature!\r\n", str);
returnStatus = (returnStatus == 0) ? -100 : -200;
}

EVP_PKEY_free (pubKey);
EVP_MD_CTX_destroy(&md_ctx);
return returnStatus;
}

Thanks for you inputs in advance.
Best
Kunal


______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openss...@openssl.org
Automated List Manager majo...@openssl.org

Dr. Stephen Henson

unread,
Sep 24, 2006, 4:22:18 PM9/24/06
to

It usually means that the verify operation has failed because either the
signature is invalid or corrupted or the wrong public key is used.

Where does this other signature come from? Was it from OpenSSL or another
library?

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk

k b

unread,
Sep 24, 2006, 7:57:13 PM9/24/06
to

Thanks for your prompt response Steve.

actually this the error i'm getting

6536:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too
long:asn1_lib.c:150:
6536:error:0D068066:asn1 encoding routines:ASN1_CHECK_TLEN:bad object
header:tasn_dec.c:1269:
6536:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1
error:tasn_dec.c:374:Type=X509_SIG

ignore the earlier reported error, that was my mistake, i wasn;t passing the
signature correctly.

>Where does this other signature come from? Was it from OpenSSL or another
>library?

It's from some other library that the CA is using.

Thanks
Kunal

Dr. Stephen Henson

unread,
Sep 25, 2006, 9:39:56 AM9/25/06
to
On Sun, Sep 24, 2006, k b wrote:

>
> Thanks for your prompt response Steve.
>
> actually this the error i'm getting
>
> 6536:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too
> long:asn1_lib.c:150:
> 6536:error:0D068066:asn1 encoding routines:ASN1_CHECK_TLEN:bad object
> header:tasn_dec.c:1269:
> 6536:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1
> error:tasn_dec.c:374:Type=X509_SIG
>
> ignore the earlier reported error, that was my mistake, i wasn;t passing
> the signature correctly.
>
> >Where does this other signature come from? Was it from OpenSSL or another
> >library?
> It's from some other library that the CA is using.
>

Try this command:

openssl rsautl -verify -in sig.bin -certin -inkey cert.pem -hexdump

and post the result.

k b

unread,
Sep 25, 2006, 12:07:31 PM9/25/06
to
Hi Steve,
here's the output

0000 - 82 91 3b b5 03 9d 39 0c-31 0f 66 fa 22 da ce b9 ..;...9.1.f."...
0010 - 08 8f b6 d6 ....

-Kunal

>From: "Dr. Stephen Henson" <st...@openssl.org>
>Reply-To: openss...@openssl.org
>To: openss...@openssl.org
>Subject: Re: RSA_padding_check_PKCS1_type_1

Dr. Stephen Henson

unread,
Sep 25, 2006, 1:08:52 PM9/25/06
to
On Mon, Sep 25, 2006, k b wrote:

> Hi Steve,
> here's the output
>
> 0000 - 82 91 3b b5 03 9d 39 0c-31 0f 66 fa 22 da ce b9 ..;...9.1.f."...
> 0010 - 08 8f b6 d6 ....
>

Whatever "CA" produced that signature is broken. It looks like they've just
included the raw SHA1 digest and not the required DigestInfo structure.

0 new messages